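/**
 * Handle the gallery upload form: process submitted pictures, register
 * them in _bio_images and return the template variables for the form.
 *
 * Review fixes in this version:
 *  - $warning is imported from global scope; it was used as an undefined
 *    local, so the upload-error path could never record a warning.
 *  - MAX_FILESIZE was built with `$core - v(...)` (a subtraction) instead
 *    of the method call `$core->v(...)` used earlier in this method.
 *  - the resize loop no longer iterates over `false` when the upload step
 *    fails without reporting an error.
 *
 * NOTE(review): several names used below are not defined anywhere in this
 * method ($v['e_id'], $i_data, $allow_dl, $error) and the resize targets
 * point at the events library, so the body looks adapted from an events
 * handler and is not finished. They are left untouched because the intended
 * values cannot be determined from this method alone.
 *
 * @return mixed Result of v_style() for the template.
 */
public function _gallery_create()
{
    global $bio, $core, $warning;

    if (_button()) {
        $upload = _import('upload');

        // Next image id for the target bio: highest stored id plus one.
        // NOTE(review): MAX()+1 is not atomic; two concurrent uploads can
        // compute the same id unless the table enforces uniqueness.
        $sql = 'SELECT MAX(image_id) AS total FROM _bio_images WHERE image_bio = ?';
        $image = sql_field(sql_filter($sql, $this->a('bio_id')), 'total', 0) + 1;

        // NOTE(review): mode 0777 leaves the upload directory writable by
        // every local account. Prefer the narrowest mode the web server user
        // needs (typically 0750/0755) and confirm the directory cannot
        // execute scripts.
        // NOTE(review): the directory and id come from $this->a('bio_id')
        // while the rows below are written for $bio->v('bio_id'); confirm
        // the caller has checked that the signed-in bio owns the target bio.
        $upload->chmod(array(_lib(LIB_BIO . ' ' . $this->a('bio_id'))), 0777);

        // w('jpg') is presumably the list of accepted extensions. An
        // extension check alone does not prove the content is an image;
        // verify that process()/resize() validate or re-encode the data.
        $f = $upload->process(LIB . 'tmp/', request_var('files:picture'), w('jpg'), $core->v('max_upload'));

        if ($f === false && count($upload->error)) {
            $warning->set($upload->error);
        }

        if (!$warning->exist && $f !== false) {
            $total = 0;

            foreach ($f as $row) {
                //$row = $upload->_row($gallery, $image);

                // Full-size copy; skip the file entirely when it cannot be produced.
                $f2 = $upload->resize($row, LIB . 'tmp', LIB . 'events/future/', $v['e_id'], array(600, 400), false, false, true);
                if ($f2 === false) {
                    continue;
                }

                // Preview copy derived from the full-size one.
                $f3 = $upload->resize($row, LIB . 'events/future/', LIB . 'events/preview/', $v['e_id'], array(210, 210), false, false);

                $total++;

                $sql_insert = array(
                    'bio' => $bio->v('bio_id'),
                    'image' => $image,
                    'width' => $i_data['width'],
                    'height' => $i_data['height'],
                    'views' => 0,
                    'downloads' => 0,
                    'allow_dl' => (int) $allow_dl
                );
                sql_put('_bio_images', prefix('image', $sql_insert));

                $image++;
            }

            // $total is a local counter, so the raw `??` slot never carries request data.
            $sql = 'UPDATE _bio_store SET store_value = store_value + ?? WHERE store_bio = ?';
            _sql(sql_filter($sql, $total, $bio->v('bio_id')));
        }

        // NOTE(review): $error is never assigned, so this redirect always
        // runs, including after a failed upload. $warning->exist is probably
        // the intended condition; confirm before changing.
        if (!$error) {
            redirect(_link_control('a', array('a' => $bio->v('bio_alias'), 'x1' => $this->x(1))));
        }
    }

    return v_style(array(
        'U_CREATE' => _link_bio($bio->v('bio_alias'), array('x1' => $this->x(1), 'x2' => $this->x(2))),
        'MAX_FILESIZE' => $core->v('max_upload')
    ));
}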
/**
 * Record a "like" from the signed-in member on a reference.
 *
 * The request must satisfy is_ghost() and carry a non-zero `ref` id,
 * otherwise _fatal() is called. Visitors without `auth_member` are sent to
 * _login(). A like row is inserted only when none exists yet for this
 * member and reference.
 *
 * NOTE(review): this changes state and no anti-forgery token check is
 * visible here; confirm is_ghost() or $this->__() enforces one.
 * NOTE(review): the existence check and the insert are two statements, so
 * parallel requests can store duplicate likes unless the table has a unique
 * key on (like_ref, like_uid).
 *
 * @return mixed Result of $this->e('~OK').
 */
protected function _like_home()
{
    global $bio;

    if (!is_ghost()) {
        _fatal();
    }

    $input = $this->__(array('ref' => 0));
    if (!$input['ref']) {
        _fatal();
    }

    if (!$bio->v('auth_member')) {
        _login();
    }

    // The reference must exist before a like can be attached to it.
    $ref = _fieldrow(sql_filter('SELECT * FROM _reference WHERE ref_id = ?', $input['ref']));
    if (!$ref) {
        _fatal();
    }

    // Original comment here read "like_time"; presumably a reminder that no
    // timestamp is stored with the like.
    $lookup = sql_filter(
        'SELECT like_id FROM _reference_likes WHERE like_ref = ? AND like_uid = ?',
        $ref['ref_id'],
        $bio->v('bio_id')
    );
    $existing_like = _field($lookup, 'like_id', 0);

    if (!$existing_like) {
        $like_row = array('ref' => $ref['ref_id'], 'uid' => $bio->v('bio_id'));
        sql_put('_reference_likes', prefix('like', $like_row));
    }

    return $this->e('~OK');
}
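/**
 * Publish a board message: either a new topic in a forum or a reply to an
 * existing post, inside one SQL transaction.
 *
 * Review fix in this version: $warning is imported from global scope. It
 * was used as an undefined local, so every validation failure ended in a
 * "member function on null" error instead of the project's warning handler.
 *
 * NOTE(review), open points that need the author's decision:
 *  - Authorization is still a TODO. The result of _bio_publish() is ignored
 *    and nothing here checks `auth_member`, yet rows are written under
 *    $bio->v('bio_id'). Confirm what _bio_publish() enforces.
 *  - The requested inputs are named `f` and `p`, but the code reads
 *    $v->forum and $v->post; confirm $this->__() maps them.
 *  - The lock check only covers new topics; replies are not checked against
 *    a locked forum or topic.
 *  - $v->topic in the final redirect is never assigned in this method (the
 *    ids available are $v->topic_next and $topic->topic_id).
 *  - No anti-forgery token check is visible for this state-changing request.
 *
 * @return mixed Result of redirect(); the JSON branch presumably ends the
 *               request inside $this->output() (confirm).
 */
protected function _publish_home()
{
    global $bio, $warning;

    $v = $this->__(w('address key subject content playing f 0 p 0'));

    // TODO: Implement bio authorization
    $this->_bio_publish($v->address, $v->key);

    // Either a forum (new topic) or a parent post (reply) is required.
    if (!$v->forum && !$v->post) {
        $warning->now();
    }

    if ($v->forum) {
        if (empty($v->subject)) {
            $this->_error('NO_TOPIC_SUBJECT');
        }

        $sql = 'SELECT * FROM _board_forums WHERE forum_id = ?';
        if (!($forum = sql_fieldrow(sql_filter($sql, $v->forum)))) {
            $warning->now();
        }

        $v->subject = _subject($v->subject);
    } else {
        // Reply: resolve the parent post and the topic it belongs to.
        $sql = 'SELECT * FROM _board_posts WHERE post_id = ?';
        if (!($post = sql_fieldrow(sql_filter($sql, $v->post)))) {
            $warning->now();
        }

        $sql = 'SELECT * FROM _board_topics WHERE topic_id = ?';
        if (!($topic = sql_fieldrow(sql_filter($sql, $post->post_topic)))) {
            $warning->now();
        }
    }

    if ($v->forum) {
        // Locked forums accept new topics only from bios allowed to create.
        if ($forum->forum_locked && !$this->auth_forum($forum, 'create')) {
            $warning->now();
        }
    }

    if (empty($v->content)) {
        $this->_error('NO_TOPIC_CONTENT');
    }

    // The stored message is whatever _prepare() returns; output encoding is
    // left to _message() at display time (both defined elsewhere).
    $v->content = _prepare($v->content);

    // Start insert transaction
    sql_transaction();

    $sql_commit = false;

    if ($v->forum) {
        // Insert topic
        $sql_insert = array(
            'forum' => $v->forum,
            'subject' => $v->subject,
            'author' => $bio->v('bio_id'),
            'time' => time(),
            'active' => $bio->v('bio_confirmed')
        );
        $v->topic_next = sql_put('_board_topics', prefix('topic', $sql_insert));

        // Insert post
        $sql_insert = array(
            'forum' => $v->forum,
            'topic' => $v->topic_next,
            'parent' => 0,
            'bio' => $bio->v('bio_id'),
            'time' => time(),
            'active' => $bio->v('bio_confirmed'),
            'message' => $v->content,
            'playing' => $v->playing
        );
        $v->post_next = sql_put('_board_posts', prefix('post', $sql_insert));

        // Commit only when both rows were created.
        if ($v->topic_next && $v->post_next) {
            $sql_commit = true;
        }
    } else {
        $sql_insert = array(
            'forum' => $topic->topic_forum,
            'topic' => $topic->topic_id,
            'parent' => $v->post,
            'bio' => $bio->v('bio_id'),
            'time' => time(),
            'active' => $bio->v('bio_confirmed'),
            'message' => $v->content,
            'playing' => $v->playing
        );
        $v->post_next = sql_put('_board_posts', prefix('post', $sql_insert));

        // $sql_update is an empty list here, so sql_build() is expected to
        // contribute no extra SET fragments (confirm against sql_build()).
        $sql_update = w();

        $sql = 'UPDATE _board_topics SET topic_replies = topic_replies + 1' . sql_build('UPDATE', $sql_update) . sql_filter(' WHERE topic_id = ?', $topic->topic_id);
        $updated = sql_affected($sql);

        // Commit only when the reply was stored and the counter was bumped.
        if ($v->post_next && $updated) {
            $sql_commit = true;
        }
    }

    if (!$sql_commit) {
        sql_transaction('rollback');
        $this->_error('ROLLBACK_MESSAGE');
    }

    sql_transaction('commit');

    if (is_ghost() && $v->post) {
        if ($bio->v('bio_confirmed')) {
            $response = array(
                'show' => 1,
                'parent' => $v->post,
                'post' => $v->post_next,
                'content' => _message($v->content),
                'time' => _format_date(),
                'profile' => array(
                    'link' => _link_bio($bio->v('bio_alias')),
                    'name' => $bio->v('bio_name')
                )
            );
        } else {
            // Unconfirmed bios get a notice instead of the rendered post.
            $response = array(
                'show' => 0,
                'legend' => _lang('PUBLISH_TOPIC_GUEST')
            );
        }

        $this->output(json_encode($response));
    }

    return redirect(_link('board', array('topic', $v->topic)));
}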
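/**
 * Count one page view in _stats, bucketed by page and by hour.
 *
 * Review fix in this version: when no bucket existed, both branches built
 * an empty array and inserted it, so the new row carried none of the key
 * columns, the SELECT could never find it again and every hit added another
 * empty row. The insert now fills the columns that the SELECT and UPDATE
 * in this method already reference.
 *
 * NOTE(review): lookup and insert are separate statements; the first
 * concurrent hits of an hour can create duplicate buckets unless _stats has
 * a unique key on (stat_page, stat_hour, stat_day, stat_month, stat_year).
 *
 * @return void
 */
protected function _analytics_store()
{
    global $bio, $core;

    // Hour, day, month and year of the current local time.
    list($h, $d, $m, $y) = explode(' ', gmdate('G j n Y', _localtime()));

    // Only these two literals can reach the column name built below, so the
    // concatenated identifier never contains request data.
    $field_stat = $bio->v('auth_member') ? 'member' : 'guest';

    $sql = 'SELECT * FROM _stats WHERE stat_page = ? AND stat_hour = ? AND stat_day = ? AND stat_month = ? AND stat_year = ?';
    if ($stat = sql_fieldrow(sql_filter($sql, $bio->page, $h, $d, $m, $y))) {
        $sql = 'UPDATE _stats SET stat_' . $field_stat . ' = stat_' . $field_stat . ' + 1 WHERE stat_id = ?';
        sql_run(sql_filter($sql, $stat->stat_id));
    } else {
        // First hit for this page and hour: create the bucket with a count
        // of one for the visitor's kind and zero for the other.
        $sql_insert = array(
            'stat_page' => $bio->page,
            'stat_hour' => $h,
            'stat_day' => $d,
            'stat_month' => $m,
            'stat_year' => $y,
            'stat_member' => 0,
            'stat_guest' => 0
        );
        $sql_insert['stat_' . $field_stat] = 1;

        sql_put('_stats', $sql_insert);
    }

    return;
}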
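/**
 * Send the next batch of the active newsletter and record progress.
 *
 * Review fixes in this version:
 *  - $core is imported from global scope; it was used for the batch size
 *    and the mailer without being declared.
 *  - the method returns as soon as no active newsletter is found instead
 *    of going on to run UPDATEs with an empty newsletter id.
 *  - the batch offset is advanced on the newsletter record. The increment
 *    was applied to $email['email_last'] while the UPDATE wrote the
 *    unchanged $newsletter->newsletter_last, so the offset never moved.
 *  - the country list spliced into `IN (??)` is cast to integers first.
 *
 * NOTE(review), left as found because the intended names are not visible:
 *  - rows are read through old column names (user_email, username,
 *    user_public_email) although the query selects bio_* columns; as
 *    written every row fails is_email() and nothing is sent.
 *  - $email is read ($email->email_message, $email['email_subject']) while
 *    it is being built; the subject and body presumably belong to the
 *    newsletter record.
 *  - $newsletter is accessed both as an object and as an array.
 *
 * @return mixed Result of $this->warning->set().
 */
protected function _press_home()
{
    global $bio, $core;

    $sql = 'SELECT * FROM _newsletter WHERE newsletter_active = 1 LIMIT 1';
    if (!($newsletter = _fieldrow($sql))) {
        return $this->warning->set('no_newsletter');
    }

    // A batch sleeps two seconds per recipient, so lift the time limit.
    set_time_limit(0);

    if (!$newsletter->newsletter_start) {
        $sql = 'UPDATE _newsletter SET newsletter_start = ? WHERE newsletter_id = ?';
        sql_query(sql_filter($sql, time(), $newsletter->newsletter_id));
    }

    // `??` slots appear to be inserted without quoting (they carry a JOIN
    // fragment and the LIMIT numbers here), so every value bound to one
    // must be generated locally or strictly typed.
    $sql = 'SELECT bio_id, bio_alias, bio_name, bio_address, bio_lastvisit FROM _bio b ?? RIGHT JOIN _bio_newsletter bn ON b.bio_id = bn.newsletter_bio AND bn.newsletter_receive = ? WHERE b.bio_lastvisit >= ? AND b.bio_status <> ? ORDER BY b.bio_name LIMIT ??, ??';

    $sql_country = '';
    if (!empty($newsletter->newsletter_country)) {
        // Country ids are numeric; casting keeps anything else out of the
        // unquoted IN (...) list.
        $country_ids = array_map('intval', w($newsletter->newsletter_country));
        $sql_country = sql_filter(' LEFT JOIN _countries ON bio_country = country_id AND country_id IN (??)', implode(', ', $country_ids));
    }

    $members = _rowset(sql_filter($sql, $sql_country, 1, $newsletter['newsletter_lastvisit'], 2, $newsletter->newsletter_last, $core->v('newsletter_process')));

    $i = 0;
    foreach ($members as $row) {
        if (!is_email($row['user_email'])) {
            continue;
        }

        $email = array(
            'USERNAME' => $row->username,
            'MESSAGE' => entity_decode($email->email_message)
        );

        $core->email->init('press', 'mass:plain', $email);
        $core->email->subject(entity_decode($email['email_subject']));

        // Copy the public address only when it is valid and differs from
        // the primary one.
        if (!empty($row['user_public_email']) && $row['user_email'] != $row['user_public_email'] && is_email($row['user_public_email'])) {
            $core->email->cc($row->bio_address_public);
        }

        $core->email->send($row->user_email);

        $sql_history = array(
            'history_newsletter' => $newsletter->newsletter_id,
            'history_bio' => $row->bio_id,
            'history_time' => time()
        );
        sql_put('_newsletter_history', $sql_history);

        // Throttle outgoing mail.
        sleep(2);
        $i++;
    }

    if ($i) {
        // Move the offset past the recipients handled in this run.
        $newsletter->newsletter_last += $i;

        $sql = 'UPDATE _newsletter SET newsletter_last = ? WHERE newsletter_id = ?';
        sql_query(sql_filter($sql, $newsletter->newsletter_last, $newsletter->newsletter_id));
    } else {
        // Nothing left to send: close the newsletter.
        $sql = 'UPDATE _newsletter SET newsletter_active = ?, newsletter_end = ? WHERE newsletter_id = ?';
        sql_query(sql_filter($sql, 0, time(), $newsletter->newsletter_id));

        $this->warning->set('finished: ' . $newsletter->newsletter_id);
    }

    return $this->warning->set('completed: ' . $i);
}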
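/**
 * Store or change the signed-in member's attendance choice for an event.
 *
 * Review fixes in this version:
 *  - the event lookup passed the id as a second argument to _fieldrow()
 *    instead of binding it with sql_filter() as every other query here
 *    does, so the `?` placeholder was never filled.
 *  - the UPDATE targeted _events although attend_id and attend_option
 *    belong to _events_attend (the table read just above and written by
 *    the insert branch), so an existing choice could never be changed.
 *
 * NOTE(review): this changes state and no anti-forgery token check is
 * visible here; confirm is_ghost() or $this->__() enforces one.
 *
 * @return mixed Result of $this->e('~OK').
 */
protected function _attend_home()
{
    global $bio;

    if (!is_ghost()) {
        _fatal();
    }

    if (!$bio->v('auth_member')) {
        _login();
    }

    $v = $this->__(_array_keys(w('event option'), 0));

    if (!$v['event'] || !$v['option']) {
        _fatal();
    }

    // Both the event and the attendance option must exist.
    $sql = 'SELECT event_id FROM _events WHERE event_id = ?';
    if (!_fieldrow(sql_filter($sql, $v['event']))) {
        _fatal();
    }

    $sql = 'SELECT type_id FROM _events_attend_type WHERE type_id = ?';
    if (!_fieldrow(sql_filter($sql, $v['option']))) {
        _fatal();
    }

    $sql = 'SELECT attend_id FROM _events_attend WHERE attend_event = ? AND attend_uid = ?';
    if ($attend_id = _field(sql_filter($sql, $v['event'], $bio->v('bio_id')), 'attend_id', 0)) {
        // The member already answered: change the stored option.
        $sql = 'UPDATE _events_attend SET attend_option = ? WHERE attend_id = ?';
        _sql(sql_filter($sql, $v['option'], $attend_id));
    } else {
        $sql_insert = array(
            'attend_event' => $v['event'],
            'attend_uid' => $bio->v('bio_id'),
            'attend_option' => $v['option'],
            'attend_time' => time()
        );
        sql_put('_events_attend', $sql_insert);
    }

    return $this->e('~OK');
}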
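/**
 * Create a press message from the submitted form, then publish empty
 * template variables for the form.
 *
 * Review fix in this version: the lookup used the column `pres_subject`,
 * while the other columns in the same query are press_id and press_message;
 * the misspelt name is corrected to `press_subject`.
 *
 * NOTE(review), left as found:
 *  - the check raises a warning when NO matching row exists, which reads
 *    inverted for a duplicate guard; confirm the intent.
 *  - the row goes into _press with the column prefix 'email'; confirm
 *    against the table definition.
 *  - `lastvisit` is split on spaces and passed to mktime() unchecked; an
 *    input without three numeric parts reaches mktime() with missing or
 *    non-numeric arguments.
 *  - no permission check is visible in this method; confirm the caller
 *    restricts it to staff.
 *
 * @return void
 */
protected function _create_home()
{
    global $warning;

    if (_button()) {
        $v = $this->__(w('subject message lastvisit'));

        $sql = 'SELECT press_id FROM _press WHERE press_subject = ? AND press_message = ?';
        if (!sql_fieldrow(sql_filter($sql, $v->subject, $v->message))) {
            $warning->now();
        }

        // Input order is "d m y"; mktime() takes month, day, year.
        $vs = explode(' ', $v->lastvisit);
        $v->lastvisit = mktime(0, 0, 0, $vs[1], $vs[0], $vs[2]);
        $v->active = 1;

        sql_put('_press', prefix('email', $v));

        $warning->now('ok');
    }

    $s = array(
        'SUBJECT' => '',
        'MESSAGE' => '',
        'LASTVISIT' => ''
    );
    _style_vars($s);
}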
/**
 * One-off migration: copy every row of _members except user_id 1 into
 * _bio, together with the optional profile fields (_bio_store) and the
 * newsletter preference (_bio_newsletter).
 *
 * NOTE(review): no permission check is visible in this method; confirm it
 * cannot be reached by ordinary visitors, since every call inserts the full
 * member list again.
 * NOTE(review): user_password is copied unchanged into bio_key, so the new
 * table inherits whatever hash format _members used. Confirm the login path
 * upgrades old hashes.
 *
 * @return mixed Result of $this->e('~OK').
 */
protected function _bios_home()
{
    // field alias => field id, as stored in _bio_fields.
    $store_fields = _rowset('SELECT field_alias, field_id FROM _bio_fields ORDER BY field_alias', 'field_alias', 'field_id');

    // old _members column (without the user_ prefix) => new field alias.
    $current_fields = array(
        'public_email' => 'email_0',
        'fav_artists' => 'fartists',
        'fav_genres' => 'fgenres',
        'icq' => 'icq',
        'interests' => 'interests',
        'lastfm' => 'lastfm',
        'location' => 'location',
        'occ' => 'occ',
        'os' => 'os',
        'website' => 'website',
        'msnm' => 'wlive'
    );

    $members = _rowset('SELECT * FROM _members WHERE user_id <> 1 ORDER BY user_id');

    foreach ($members as $row) {
        // Real names are only known for two hard-coded accounts.
        $user_firstname = '';
        $user_lastname = '';
        if ($row['user_id'] == 2) {
            $user_firstname = 'Guillermo';
            $user_lastname = 'Azurdia';
        } elseif ($row['user_id'] == 3) {
            $user_firstname = 'Gerardo';
            $user_lastname = 'Medina';
        }

        // Empty or zero source values fall back to a neutral default.
        $sql_insert = array(
            'bio_type' => 2,
            'bio_level' => $row['user_type'] ?: 0,
            'bio_active' => $row['user_active'] ?: 0,
            'bio_alias' => $row['username_base'] ?: '',
            'bio_name' => $row['username'] ?: '',
            'bio_first' => $user_firstname,
            'bio_last' => $user_lastname,
            'bio_key' => $row['user_password'] ?: '',
            'bio_address' => $row['user_email'] ? strtolower($row['user_email']) : '',
            'bio_gender' => $row['user_gender'] ?: '',
            'bio_birth' => $row['user_birthday'] ?: 0,
            'bio_birthlast' => $row['user_birthday_last'] ?: 0,
            'bio_regip' => $row['user_regip'] ?: '',
            'bio_regdate' => $row['user_regdate'] ?: 0,
            'bio_lastvisit' => $row['user_lastvisit'] ?: 0,
            'bio_session_time' => $row['user_session_time'] ?: 0,
            'bio_lastpage' => '',
            'bio_timezone' => $row['user_timezone'] ?: 0.0,
            'bio_dst' => $row['user_dst'] ?: 0,
            'bio_dateformat' => $row['user_dateformat'] ?: '',
            'bio_lang' => $row['user_lang'] ?: 'es',
            'bio_country' => $row['user_country'] ?: 90,
            'bio_avatar' => $row['user_avatar'] ?: '',
            // Short cache-busting token, generated only when an avatar exists.
            'bio_avatar_up' => $row['user_avatar'] ? substr(md5(unique_id()), 0, 10) : '',
            'bio_actkey' => '',
            'bio_recovery' => '',
            'bio_fails' => 0
        );
        $bio_id = sql_put('_bio', $sql_insert);

        // Carry over each optional profile field that has a value.
        foreach ($current_fields as $current_field => $new_field) {
            $legacy_column = 'user_' . $current_field;
            if (!isset($row[$legacy_column]) || !f($row[$legacy_column])) {
                continue;
            }

            $store_row = array(
                'bio' => $bio_id,
                'field' => $store_fields[$new_field],
                'value' => $row[$legacy_column]
            );
            sql_put('_bio_store', prefix('store', $store_row));
        }

        // Newsletter opt-in is copied only when it was set.
        if (isset($row['user_send_mass']) && $row['user_send_mass']) {
            $newsletter_row = array('bio' => $bio_id, 'receive' => $row['user_send_mass']);
            sql_put('_bio_newsletter', prefix('newsletter', $newsletter_row));
        }
    }

    /*
    $sql = 'SELECT * FROM _members_friends ORDER BY user_id, buddy_id';
    $friends = _rowset($sql);
    foreach ($friends as $row) {
        $sql_insert = array(
            'assoc' => $row['buddy_id'],
            'bio' => $row['user_id'],
            'active' => 1,
            'time' => $row['friend_time'],
            'message' => ''
        );
        sql_put('_bio_friends', prefix('friend', $sql_insert));
    }
    */

    return $this->e('~OK');
}
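/**
 * Sign-up handler: validate the submitted form, create the bio and its
 * primary address, or otherwise publish the birth-date selectors for the
 * form.
 *
 * Review fix in this version: the account was inserted even when the
 * validation above had recorded warnings (empty password, malformed
 * address, alias already taken, unknown country, missing birth date). The
 * insert now runs only when $warning->exist is false, the same flag the
 * gallery upload handler checks after $warning->set(); on failure the
 * request falls through to the form.
 *
 * NOTE(review):
 *  - HashPassword() is defined elsewhere; confirm it is a salted, slow
 *    password hash.
 *  - the bio is created with active = 1 and no address confirmation step
 *    is visible here.
 *  - $v->name holds the trimmed full name, but the row stores the
 *    untrimmed concatenation.
 *
 * @return void On success the method prints "OK" and exits.
 */
protected function _up_home()
{
    global $bio, $warning;

    $v = $this->__(w('send address'));

    if (!empty($v->send)) {
        $v = _array_merge($v, $this->__(array_merge(w('password firstname lastname country status'), _array_keys(w('gender birth_day birth_month birth_year'), 0))));

        if (empty($v->address)) {
            $warning->set('empty_address');
        }

        if (empty($v->password)) {
            $warning->set('empty_password');
        }

        if (!email_format($v->address)) {
            $warning->set('bad_address');
        }

        // The alias is derived from the names and must be unique.
        if (!($v->alias = _low($v->firstname . $v->lastname))) {
            $warning->set('bad_alias');
        }

        if ($this->alias_exists($v->alias)) {
            $warning->set('record_alias');
        }

        if (!($v->country = $this->country_exists($v->country))) {
            $warning->set('bad_country');
        }

        if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
            $warning->set('bad_birth');
        }

        // Create the account only when every check above passed.
        if (!$warning->exist) {
            $v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);
            $v->name = trim($v->firstname) . ' ' . trim($v->lastname);

            $sql_insert = array(
                'type' => 0,
                'level' => 0,
                'active' => 1,
                'alias' => $v->alias,
                'name' => $v->firstname . ' ' . $v->lastname,
                'first' => $v->firstname,
                'last' => $v->lastname,
                'key' => HashPassword($v->password),
                'address' => $v->address,
                'gender' => $v->gender,
                'birth' => $v->birth,
                'birthlast' => 0,
                'regip' => $bio->v('ip'),
                'regdate' => time(),
                'session_time' => time(),
                'lastpage' => '',
                'timezone' => -6,
                'dst' => 0,
                'dateformat' => 'd M Y H:i',
                'lang' => 'sp',
                'country' => $v->country,
                'avatar' => '',
                'actkey' => '',
                'recovery' => 0,
                'fails' => 0
            );
            $bio->id = sql_put('_bio', prefix('bio', $sql_insert));

            $sql_insert = array(
                'bio' => $bio->id,
                'name' => $v->address,
                'primary' => 1
            );
            sql_put('_bio_address', prefix('address', $sql_insert));

            echo 'OK';
            exit;
        }
    }

    //$gi = geoip_open(XFS.XCOR . 'store/geoip.dat', GEOIP_STANDARD);

    // Country detection is disabled: $geoip_code stays empty and the block
    // below performs no lookup.
    $geoip_code = '';
    if ($bio->v('ip') != '127.0.0.1') {
        // GeoIP
        if (!@function_exists('geoip_country_code_by_name')) {
            //require_once(XFS.XCOR . 'geoip.php');
        }
        //$geoip_code = @geoip_country_code_by_name($bio->v('ip'));
    }

    // Day, month and year selectors; the parent block is opened once,
    // before its first row.
    for ($i = 1; $i < 32; $i++) {
        if ($i == 1) {
            _style('birth_day');
        }
        _style('birth_day.row', array('DAY' => $i));
    }

    for ($i = 1; $i < 13; $i++) {
        if ($i == 1) {
            _style('birth_month');
        }
        _style('birth_month.row', array('MONTH' => $i));
    }

    for ($i = date('Y'); $i > 1900; $i--) {
        if ($i == date('Y')) {
            _style('birth_year');
        }
        _style('birth_year.row', array('YEAR' => $i));
    }

    //_pre($geoip_code, true);

    /*
    $sql = 'SELECT * FROM _countries ORDER BY country_name';
    $countries = sql_rowset($sql);

    $v->country = ($v->country) ? $v->country : ((isset($country_codes[$geoip_code])) ? $country_codes[$geoip_code] : $country_codes['gt']);

    foreach ($countries as $i => $row) {
        if (!$i) _style('countries');

        _style('countries.row', array(
            'V_ID' => $row->country_id,
            'V_NAME' => $row->country_name,
            'V_SEL' => 0)
        );
    }
    */

    return;
}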
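/**
 * Register a new artist as pending (approved = 0) together with its alias
 * row, then redirect to the alias page.
 *
 * Review fix in this version: the input was merged into $v before $v
 * existed (`array_merge($v, ...)`), which passes null to array_merge(); the
 * parsed input is now assigned directly.
 *
 * NOTE(review), left as found:
 *  - the duplicate check enters its branch only for a truthy a_approved, so
 *    'PENDING' can never be chosen and an alias that is still awaiting
 *    approval (a_approved = 0) is not reported as taken. Fixing it needs
 *    the value _field() returns when no row matches.
 *  - a_genre is validated but never stored.
 *  - no sign-in or anti-forgery check is visible in this method.
 *
 * @return void
 */
protected function _artist_home()
{
    $v = $this->__(array('a_name', 'a_website', 'a_email', 'a_genre' => array(0), 'a_country' => 0));

    // Required fields and the error reported when one is empty.
    $v_check = array('a_name' => 'INVALID_NAME', 'a_email' => 'INVALID_EMAIL', 'a_genre' => 'INVALID_GENRE');
    foreach ($v_check as $vk => $vv) {
        if (!f($v[$vk])) {
            $this->error($vv);
        }
    }

    if (!$this->errors()) {
        $v['a_alias'] = _alias($v['a_name']);

        if (f($v['a_alias'])) {
            $sql = 'SELECT a_approved FROM _artists WHERE a_alias = ?';
            if ($a_approved = _field(sql_filter($sql, $v['a_alias']), 'a_approved')) {
                $a_msg = $a_approved ? 'EXISTS' : 'PENDING';
                $this->error('ARTIST_' . $a_msg);
            }
        } else {
            $this->error('INVALID_ALIAS');
        }
    }

    if (!$this->errors() && !check_email($v['a_email'])) {
        $this->error('INVALID_EMAIL');
    }

    if (!$this->errors()) {
        $sql = 'SELECT country_id FROM _countries WHERE country_id = ?';
        if (!_fieldrow(sql_filter($sql, $v['a_country']))) {
            $this->error('INVALID_COUNTRY');
        }
    }

    if (!$this->errors()) {
        $sql = 'SELECT type_id FROM _alias_type WHERE type_alias = ?';
        $alias_type = _field(sql_filter($sql, 'artist'), 'type_id');

        // New artists start unapproved with all counters at zero.
        $sql_insert = array(
            'name' => $v['a_name'],
            'alias' => $v['a_alias'],
            'approved' => 0,
            'time' => time(),
            'email' => strtolower($v['a_email']),
            'website' => $v['a_website'],
            'country' => $v['a_country'],
            'biography' => '',
            'views' => 0,
            'music' => 0,
            'video' => 0,
            'news' => 0,
            'posts' => 0,
            'votes' => 0,
            'lyrics' => 0,
            'images' => 0
        );
        sql_put('_artists', prefix('a', $sql_insert));

        // The alias stays disabled until the artist is approved.
        $sql_insert = array(
            'name' => $v['a_alias'],
            'enable' => 0,
            'type' => $alias_type
        );
        sql_put('_alias', prefix('alias', $sql_insert));

        redirect(_link('alias', array('alias' => $v['a_alias'])));
    }

    return;
}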
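/**
 * Nickname-based sign-up handler: validate the form, create the bio row,
 * then publish the country list for the form.
 *
 * Review fixes in this version:
 *  - $bio and $warning are imported from global scope; both were used
 *    without being declared.
 *  - `bio_length($v - nickname)` (a subtraction) is corrected to
 *    `bio_length($v->nickname)`.
 *  - the second input set is merged with _array_merge(), the helper the
 *    other sign-up handler in this file uses for the same step; $v is read
 *    as an object throughout, which array_merge() does not accept.
 *  - the insert runs only when no warning was recorded, so a rejected
 *    nickname, alias or country no longer creates a row.
 *
 * NOTE(review), left as found:
 *  - $v2 and $country_codes are never defined, and the value computed into
 *    $v2->country is not used (V_SEL is always 0).
 *  - the row goes into _bio with the column prefix 'user'; the other
 *    sign-up handler uses 'bio'.
 *  - no credential is collected or stored for the new bio here.
 *
 * @return void
 */
protected function _up_home()
{
    global $bio, $warning;

    $v = $this->__(w('address'));

    if (_button()) {
        $v = _array_merge($v, $this->__(array_merge(w('alias nickname ref_in'), _array_keys(w('gender country birth_day birth_month birth_year aup ref'), 0))));

        // An address that is not an e-mail doubles as the nickname.
        if (empty($v->nickname) && !empty($v->address) && !is_email($v->address)) {
            $v->nickname = $v->address;
        }

        if (empty($v->nickname)) {
            $warning->set('empty_username');
        }

        if (bio_length($v->nickname)) {
            $warning->set('len_alias');
        }

        if (!($v->alias = _low($v->nickname))) {
            $warning->set('bad_alias');
        }

        if ($this->alias_exists($v->alias)) {
            $warning->set('record_alias');
        }

        if (!$this->country_exists($v->country)) {
            $warning->set('bad_country');
        }

        if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
            $this->_error('BAD_BIRTH');
        }

        // Create the row only when every check above passed.
        if (!$warning->exist) {
            $v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);

            $sql_insert = array(
                'alias' => $v->alias,
                'nickname' => $v->nickname,
                'address' => $v->address,
                'gender' => $v->gender,
                'country' => $v->country,
                'birth' => $v->birth
            );
            sql_put('_bio', prefix('user', $sql_insert));
        }
    }

    // GeoIP: the include path is built from constants only.
    require_once XFS . XCOR . 'geoip.php';

    $gi = geoip_open(XFS . XCOR . 'store/geoip.dat', GEOIP_STANDARD);
    $geoip_code = strtolower(geoip_country_code_by_addr($gi, $bio->ip));

    $sql = 'SELECT * FROM _countries ORDER BY country_name';
    $countries = _rowset($sql);

    // Preselect the submitted country, else the detected one, else 'gt'.
    $v2->country = $v2->country ? $v2->country : (isset($country_codes[$geoip_code]) ? $country_codes[$geoip_code] : $country_codes['gt']);

    foreach ($countries as $i => $row) {
        // Open the parent block once, before its first row.
        if (!$i) {
            _style('countries');
        }

        _style('countries.row', array(
            'V_ID' => $row->country_id,
            'V_NAME' => $row->country_name,
            'V_SEL' => 0
        ));
    }

    return;
}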